Manualshelf

HP-UX Secure Shell Getting Started Guide HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3 (5900-3142, June 2013)

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
919293949596979899100
The default setting is 3. If, for example, ServerAliveInternal is set to 15 and
ServerAliveCountMax is left at the default, if the server becomes unresponsive, ssh will
disconnect after approximately 45 seconds.
For example:
ServerAliveCountMax 3
NOTE: This directive is available for the SSH-2 protocol only. ServerAliveCountMax is
different from TCPKeepAlive. Server alive messages are sent through an encrypted channel and
are not spoofable. Messages from the TCPKeepAlive directive are spoofable.
StrictHostKeyChecking
Use this directive to specify whether HP-UX Secure Shell must add a new host to the $HOME/.ssh/
known_hosts file. StrictHostKeyChecking protects against Trojan horse attacks.
TIP: HP does not recommend using StrictHostKeyChecking when the /opt/ssh/etc/
ssh_known_hosts file is poorly maintained or connections to new hosts are made frequently.
If you use StrictHostKeyChecking, you must manually add all new hosts.
Following are the valid values of the StrictHostKeyChecking directive:
yes HP-UX Secure Shell does not automatically add host keys to the $HOME/.ssh/known_hosts
file and refuses to connect to hosts whose host key has changed.
no HP-UX Secure Shell automatically adds new host keys to the known_hosts file.
ask HP-UX Secure Shell adds the new host keys to the user’s known_hosts file after confirming
with the user. HP-UX Secure Shell then does not connect to hosts with changed host key.
The host keys of known hosts are verified automatically.
The default setting is ask.
For example:
StrictHostKeyChecking ask
TCPKeepAlive
Use this directive to specify whether the client must send TCP keep alive messages to the server. If
TCP keep alive messages are sent, the client notices termination of the connection or a server crash.
However, HP-UX Secure Shell also terminates connections if the route is down temporarily.
The default setting is yes, which sends TCP keepalive messages. The client notices if the network
goes down or the server terminates. To disable TCP keep alive messages, set TCPKeepAlive to
no.
For example:
TCPKeepAlive yes
UserPrivilegedPort
Use this directive to specify whether to use a privileged port for outgoing connections.
The default setting is no.
For example:
UserPrivilegedPort no
NOTE: This option must be set to yes for RhostsRSAAuthentication with older versions of
HP-UX Secure Shell.
User
Use this directive to specify the user to log in to the system. Use this directive when different user
names are used on different systems. With this directive, you do not have to specify the user name
on the command line.
Client Configuration Directives 97